?
Solved

VPN over Comcast business gateway

Posted on 2015-01-21
4
Medium Priority
?
923 Views
Last Modified: 2015-01-28
Had a point to point VPN connecting over Comcast using SMC gateway in all locations. Netgear FVS214 routers at all locations using Netgear IPSec setup. All was working fine and then one day it quits.
Cannot find out why. Nothing we control appears to have changed.
Any ideas on where to check or what alternatives are available.
0
Comment
Question by:lloving
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 40563001
You can check the VPN logs on your routers. This will usually tell you the problem.

If Comcast broke your VPN, it's probably because they have a more expensive "business" plan that they can't wait to sell. Just call them.

HTH,
Dan
0
 

Author Comment

by:lloving
ID: 40566548
Ok, here is the output from the VPN log on the host router (Netgear FVS336Gv2). I would appreciate any help deciphering what this log is trying to tell me. Thanks for any response.

2015 Jan 23 14:56:02 [FVS336GV2] [IKE] Initiating new phase 2 negotiation: 50.78.236.145[500]<=>50.251.114.165[0]_
2015 Jan 23 14:56:02 [FVS336GV2] [IKE] Configuration found for 50.251.114.165._
2015 Jan 23 14:56:02 [FVS336GV2] [IKE] accept a request to establish IKE-SA: 50.251.114.165_
2015 Jan 23 14:55:47 [FVS336GV2] [IKE] an undead schedule has been deleted: 'quick_i1prep'._
2015 Jan 23 14:55:47 [FVS336GV2] [IKE] Phase 2 negotiation failed due to time up. c4d2ff0089c77029:af4c283fb749eb78:c8c7e907_
                - Last output repeated 3 times -
2015 Jan 23 14:55:09 [FVS336GV2] [IKE] Ignore information because the message has no hash payload._
2015 Jan 23 14:54:47 [FVS336GV2] [IKE] Initiating new phase 2 negotiation: 50.78.236.145[500]<=>50.251.114.165[0]_
2015 Jan 23 14:54:47 [FVS336GV2] [IKE] Configuration found for 50.251.114.165._
2015 Jan 23 14:54:47 [FVS336GV2] [IKE] accept a request to establish IKE-SA: 50.251.114.165_
0
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 2000 total points
ID: 40566802
>>Phase 2 negotiation failed due to time up.
In my experience, this is a problem caused by a firewall or by NAT.
Check if your Comcast router in the central location is in bridge mode.
0
 

Author Comment

by:lloving
ID: 40575986
Comcast is the culprit. They appear bump the gateway in and out of "bridge" mode. Problem mysteriously solves its self when I complain to Comcast support.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
Why do some people recommend buying business VoIP from an ISP? What are the benefits to my company? What are the costs?
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month14 days, 18 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question